Telling Students Linux != Windows with pyinotify and pynotify

While doing pro bono Ubuntu system administration for a local private school, something that has always annoyed me is that students frequently download installer files for Windows programs (games, iTunes etc). The computers obviously don’t look like they run Windows, and they’ve been told on many occasions that Linux != Windows. So today, I decided to automate this explanation:

#!/usr/bin/python
 
import pyinotify, pynotify
from subprocess import Popen
from os.path import expanduser
 
pynotify.init('Windows program notifier') # Not sure what this does
 
PATH = expanduser('~')
NAUGHTY_EXTENSIONS = ['exe','bat', 'com', 'dll', 'msi', 'ocx', 'reg', 'scr']
MESSAGE = "You just tried to download a Windows program. This is Linux. Bugger off!"
 
def notifyAndDelete(path, showNotification):
    """Delete any file with the forbben extensions."""
    if path.split('.')[-1].lower() in NAUGHTY_EXTENSIONS:
        print 'Deleting ' + path
        Popen(['rm', path])
        if showNotification == True:
            n = pynotify.Notification("Windows Program Fail", MESSAGE)
            n.show()
 
class HandleEvents(pyinotify.ProcessEvent):
    def process_IN_CREATE(self, event):
        notifyAndDelete(event.pathname, True)
    def process_IN_MOVED_TO(self, event):
        notifyAndDelete(event.pathname, False)
 
if __name__ == '__main__':
    wm = pyinotify.WatchManager()  # Watch Manager
    mask = pyinotify.IN_CREATE | pyinotify.IN_MOVED_TO  # watched events
 
    p = HandleEvents()
    notifier = pyinotify.Notifier(wm, p)
    wdd = wm.add_watch(PATH, mask, rec=True)
 
    notifier.loop()

When a user tries to download a program with an extension found in NAUGHTY_EXTENSIONS, They will get a Notify OSD popup informing them that they are not using Windows, and Windows programs won’t work on school computers. Of course, when I go to deploy this code, MESSAGE will be a little more appropriately worded.

This program is a combination of code I found from this pyinotify tutorial and a Notify OSD snippet I found in Acire.

Edit June 8 2010

Thanks to the anonymous commenter that pointed out the bug that allowed arbitrary code execution, and to Michael Hall for explaining it in more detail. The problem has been fixed.

Tags: , , , ,

This entry was posted on Thursday, May 13th, 2010 at 1:44 pm and is filed under Technology. You can follow any comments to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

3 comments

  1. Paula Gorman
    13 May, 2010 at 5:42 pm

    Thank you Douglass for your creative correction of my students, plus all your hard work.

  2. Anonymous
    21 May, 2010 at 5:53 pm

    Files and folders in Ubuntu can contain ” and ;
    You script has a dangerous security hole.

  3. Michael Hall
    8 June, 2010 at 12:47 pm

    Mono apps use .exe and .dll file extensions, even when they only run on Linux:
    /usr/lib/f-spot/f-spot.exe
    /usr/lib/tomboy/Tomboy.exe

    You can run them through `file` first, and check for the existance of “Mono/.Net Assembly”:

    $ file /usr/lib/tomboy/Tomboy.exe
    /usr/lib/tomboy/Tomboy.exe: PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

AWSOM Powered